Description
Polling FortiGate from SolarWinds via SNMPv3 with AES256 encryption fails despite all configuration parameters being correct.
This sometimes can be caused by difference in the method used by each appliance to manipulate encryption key sizes.
This article describes How to fix SNMPv3 AES256 encryption not working with SolarWinds.
Solution
An additional encryption algorithm has been added (AES256Cisco) which is compatible with SolarWinds and Cisco.
It can be used instead of the standard AES256 algorithm when SolarWinds is the SNMP server.
Here is the configuration from FortiGate GUI (FortiOS 6.2.3).
The same configuration from the CLI is as follow:
Polling FortiGate from SolarWinds via SNMPv3 with AES256 encryption fails despite all configuration parameters being correct.
This sometimes can be caused by difference in the method used by each appliance to manipulate encryption key sizes.
This article describes How to fix SNMPv3 AES256 encryption not working with SolarWinds.
Solution
An additional encryption algorithm has been added (AES256Cisco) which is compatible with SolarWinds and Cisco.
It can be used instead of the standard AES256 algorithm when SolarWinds is the SNMP server.
Here is the configuration from FortiGate GUI (FortiOS 6.2.3).
# config system snmp user
edit "SolarWinds-FGT"
set notify-hosts 10.20.3.12
set security-level auth-priv
set auth-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
set priv-proto aes256cisco
set priv-pwd ENC NUhjnzBY/abeBYqer/4y+las8O1EliYitxWyCR/+CecGJ7HmC6XF5sbF4YIHNKjWi0
next
end
